DDS (Ver_09-12-01.01) - NTFSx86
Run by Gateway User at 4:37:44.93 on Mon 02/08/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.495.142 [GMT -6:00]

AV: avast! Antivirus *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxpers.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
svchost.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\WINDOWS\System32\msiexec.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Gateway User\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.4723.1820\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
mPolicies-system: EnableLUA = 0 (0x0)
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {9A57B18E-2F5D-11D5-8997-00104BD12D94} - hxxp://support.gateway.com/support/serialharvest/gwCID.CAB
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15111/CTPID.cab
TCP: NameServer = 93.188.162.205,93.188.166.72
TCP: {3DFC0EAE-E6F2-4CE2-8DF6-E80668F2F549} = 93.188.162.205,93.188.166.72
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
Hosts: 127.0.0.1 www.spywareinfo.com

============= SERVICES / DRIVERS ===============

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-1-27 163280]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-1-27 19024]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-1-27 40384]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-1-27 40384]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-1-27 40384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-30 135664]

=============== Created Last 30 ================

2010-02-08 07:07:42 0 d-----w- c:\docume~1\gatewa~1\applic~1\Malwarebytes
2010-02-08 07:07:38 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-08 07:07:36 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
2010-02-08 07:07:34 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-08 07:07:34 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-08 06:58:11 0 d-----w- c:\program files\Trend Micro
2010-02-06 22:24:16 51 ----a-w- c:\windows\wininit.ini
2010-02-01 08:57:37 218 ----a-w- c:\documents and settings\gateway user\.recently-used.xbel
2010-01-27 19:25:00 139152 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-01-27 19:24:41 111928 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-01-27 19:24:40 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-01-27 17:48:32 0 d-----w- c:\docume~1\alluse~1\applic~1\Alwil Software
2010-01-27 17:27:55 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-01-25 07:03:21 36 ----a-w- c:\windows\system32\?Ò
2010-01-14 15:37:44 7062 ----a-w- c:\windows\system32\audiopid.vxd
2010-01-14 15:05:01 3255 ----a-w- c:\windows\system32\wbem\Outlook_01ca952af1d2065e.mof
2010-01-14 08:51:07 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-01-14 08:50:55 0 d-----w- c:\program files\Windows Media Connect 2
2010-01-14 08:48:48 0 d-----w- C:\3757516a2ad3f7b3e6b99b1b3f45b9f1
2010-01-14 05:44:27 0 d-----w- c:\program files\uTorrent
2010-01-14 05:43:49 0 d-----w- c:\docume~1\gatewa~1\applic~1\uTorrent
2010-01-11 09:57:52 0 d-----w- c:\program files\Yahoo!
2010-01-09 23:48:51 729088 ----a-w- c:\windows\iun6002.exe

==================== Find3M ====================

2010-01-27 19:25:00 139152 ----a-w- c:\docume~1\gatewa~1\applic~1\PnkBstrK.sys
2010-01-27 19:24:40 794408 ----a-w- c:\windows\system32\pbsvc.exe
2010-01-06 14:00:24 794408 ----a-w- c:\windows\system32\pbsvc[1].exe
2010-01-05 02:24:24 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-28 20:46:39 87608 ----a-w- c:\docume~1\gatewa~1\applic~1\inst.exe
2009-12-28 20:46:39 47360 ----a-w- c:\docume~1\gatewa~1\applic~1\pcouffin.sys
2009-12-28 20:44:46 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
2009-12-21 19:14:05 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-16 19:34:41 21640 ----a-w- c:\windows\system32\emptyregdb.dat

============= FINISH: 4:38:25.17 ===============